exploitDog

CVE-2025-23408

Опубликовано: 12 дек. 2025

Источник: nvd

CVSS3: 6.5

EPSS Низкий

Описание

Weak Password Requirements vulnerability in Apache Fineract.

This issue affects Apache Fineract: through 1.10.1. The issue is fixed in version 1.11.0.

Users are encouraged to upgrade to version 1.13.0, the latest release.

Ссылки

https://lists.apache.org/thread/bdlb6wl968yh1n48mr5npsk2spo6dncf
Vendor Advisory
Mailing List
http://www.openwall.com/lists/oss-security/2025/12/11/5
Mailing List
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:apache:fineract:*:*:*:*:*:*:*:*

Версия до 1.11.0 (исключая)

EPSS

Процентиль: 34%

0.00137

Низкий

6.5 Medium

CVSS3

Дефекты

CWE-521

Связанные уязвимости

GHSA-6jvx-rr4c-j9j5

CVSS3: 6.5

github

около 2 месяцев назад

Weak Password Requirements vulnerability in Apache Fineract. This issue affects Apache Fineract: through 1.10.1. The issue is fixed in version 1.11.0. Users are encouraged to upgrade to version 1.13.0, the latest release.

EPSS

Процентиль: 34%

0.00137

Низкий

6.5 Medium

CVSS3

Дефекты

CWE-521